In the Specification 
Please replace paragraphs [0001] through [0016] mth the following: 
Related Application 

This is a §37 1 of International Application No. PCT/FR03/02466. with an international filing 
date of August 5. 2003 (WO 2004/0 1 557 L published February 1 9. 2004), which is based on French 
Patent Application No. 02/10000, filed August 6. 2002. 
Field of the Invention 

Th e pres e n t This invention pertains to the field of communication between applications within 
an operating system. In fact, in the standard computer operating systems such as [[q] Windows™- 
ietfer ^ .and the like, the-launched applications exchange messages by means of the system in order to 
obtain information regarding each other. ITi e pr e sen t This invention therefore has the intention of 
r e sijondin gresponds to the problem of confidentiality on the Intemet by preventing certain or all 
appUcations to have access, e.g., to the user data collected by a navigator. 
Background 

It is increasing illusory to believe that it is possible to surf the net without being subject to 
spying. Numerous "fi-ee" programs available on the Intemet take advantage of the access that the 
user grants them by installing them for spying on the user's connections and drawing up a consumer 
profile to be sold. Worse, certain programs have the objective of bringing back to their creators 
notably passwords, identifiers, credit card numbers and all other types of personal information 
pertaining to the user. The method used by these spy programs (spyware) is simple: since most of 
the operating systems are created such that the appHcations can dialogue with each other, these 
spyware programs simply demand firom the navigator the address of the site or the value of certain 
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fields of a web page (whether or not in Secure Sockets Layer mode) filled out by the user and the 
navigator provides the spyware with this information. 

Ahoady Icnowh iii thd prior art firom tho American patent U S fte7-6,000,032 isdiscloses a 
device and a procedure for obtaining a security value which enables a calling module to access in a 
secure manner a called module in a digital computer. ThisThat device makes it possible to grant 
access to a program module solely upon presentation of a predefined value. However, the problem 
resolved by thisthat device is the protection of a software program system fi-om hostile attacks while 
authorizing the identified interlocutors to access the data. The procedure employs relatively 
complicated calculations intended to determine the rights of the calling module. i ^That invention 
of th e prior art thus does riot respond to the same technical problem and the solution that it proposes 
is too complicate d to b e iffiplerii e hted for th e probl e m that th e pr iB s e nt invention intendo to r e solve . 

On the other hand, a known solution consists of developing alternatives to the widely 
distributed applications in a manner so as t o profit fi-om the ignorance of the new applications by the 
spyware programs. ThisThat solution has as aj)rincipal and fiindamental limit that when the 
altemative becomes known, the developers of the spyware programs integrate it in the list of 
applications with which they can communicate. 

The pr e s e nt inv e ntion has th e int e ntion of r e solving th e drawbacks of th e prior art by 
proposing a syst e rii using th e standard int e r application messag e s of tho operating system in ord e r to 
implement a control of access to these data by an application. 
Summary of the Invention 

This invention relates to a procedure for communication between at least two appliciations A 
and B in an operating svstem intended to prevent application A fi-om accessing information content 
of an application window B, including creating at least one variable bv application B, receiving a 
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request from applicati on A bv application B. verifying a value of the variable by a pplication B to 
verify validity of the request or of authenticating its origin, and responding to the req uest a<; a 
function of the value and/or the orig in. 
Brief Description of the Drawings 

Better understanding of the invention will be obtained from the description below, presented 
for purely explanatory purposes, of one mode of implementation of the invention with reference to 
the attached figures: 

Fig. 1 illustrates the standard process of communication between two applications: and 
Fig. 2 illustrates the procedure for communication between two applications according to 

aspects of the invention. 

Detailed Description 

This invention resolves the drawbacks of the prior art bv providing a system using the 
standard iilter-applicaition messages of the operating system to implement a control of access to these 
data by an application. 

In ord e r to accomplish this, tho prosontT he invention is of th e t>p e described abov e and it is 
remarkable in its broadest sense in that it pertains to a procedure for communication between at least 
two applications A and B in an operating system intended to prevent application B from accessing 
the infoiinatiori content of an application window A, charact e rized in that it compriso s comprising the 
following steps: 

[[- ]]a step of creation of at least one variable by application A; 

Ur ]]a step of reception of a request from application B by application A; 

[[- ]]a step of verification of the value of saidthe variable by application A with the goal of 
verifying the validity of saidthe request or of authenticating its origin; 
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[[- ]]a step of response to saidthe request as a function of s^the value and/or saidthe origin. 

In one particular case of the invention, the two applications A and B are the same, i.e., A is 
equal to B. The procedure then comprises an additional step consisting of modifying the value of the 
variable for which saidthe request is considered vaUd. The verification step is advantageously 
impleniented by an overloaded function of the operating system. The operating system is preferably 
Microsoft Windows™^ but it can also be any other operating system capable of using/managing 
messages between applications. 

According to one mod e of implementatio n aspect of the invention, saidthe value verified by 
application A is different fi-om a predefined value and the response step consists of not satisfying 
said request. According to another mod e of implementation, sai d aspect, the value verified by 
application A is equal to a predefined value and the response step consists of satisfying saidthe 
request. 

Bett e r understanding of th e pr e sent inv e ntion will b e obtain e d fi'om the description bolow, 
pres e nt e d for purely explanatory purpos e s, of one mod e of implementation of the inv e ntion with 
ref e r e nce to th e attach e d figures: 

figure 1 illustrates th e standard proc e sG of communication b e tween two applications; 

figur e 2 illustrates th e proc e dure for oonmiunication between two applications according to 
th e iriverition. 

According to one pr e ferred mode of implementatio n aspect of the invention, the invention 
pertains to the Windows™ operating system in its most widely used versions. In this operating 
system, an application A, which can be an instant messaging program equipped with a spy program, 
attempts to recover the value of the URL field of an apphcation window B which can be, e.g., an 
Internet navigator. 
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in a standard operating system, the applications communicate according to the procedure 
described above and as^illustrated in figufeFig. 1 . 

In step (1), an application A addresses a message to an application B in ord e r t o obtain 
information on the elements of application B. 

Please replace paragraphs [0019] through [0020] with the following: 

In a system comprising an application B equipped ^v4t hto effect the procedure according to 
aspects of the invention, tfee-communications between another application A and smdthe application 
B are illustrated in figufeFig. 2. 

In step (4), an application A addresses a message to an application B in ord e r t o obtain 
information on the elements of application B. 

Please replace paragraphs [0022] through [0023] with the following: 

If the value authorizes that response to the message, application B responds to application A 
in the siame manner as in the standard procedure (step 6). In the contrary case, application B does not 
respond to application A but informs the operating system that the message was processed (step 7). 

Please replace paragraph [0025] with the following: 

An application A desiring to obtain information from an application B generates a 
"send_message" command with as paramet e rs th e m essage type and fee-identity of the addressee 
par^eters . If the target application B is a navigator and the application attempts to obtain the 
content of the URL field of application B, the message type will be CB_GETLBTEXT and the 
identity of the addressee will be the identifier of the target application window B. This command 
induces the creation of a variable in the registers of apphcation A intended to collect the response of 
the targeted application as well as fee-sending a message from fee operating system containing fee 
address of fee register variable and the identity of fee addressee. 
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Please replace paragraphs [0027] through [0028] with the following: 

Upon creation of the target window, one processing function wasis attributed to this window 
iritfended in particular to process the messages intended for this window. This function is called 
"DefWindowProc( )" in Microsoft Windows™. The messages are thus arranged in a pile. 

For each message of the pile, the processing function reads the message and responds to it by 
filling out the empty fields of the register of application A created upon the emission of the message 
by the appHcation. In certain versions of Microsoft Windows^^, these fields are called 'Svparam" 
arid "Iparam", and contain on the one hand the length of the response and on the other hand the 
response. In Microsoft Windows™, if the request consists of obtaining the value of the URL field of 
the navigator, the processing function of the window will read the value contained for the variable 
"ComboBoxEx" (corresponding to said URL field) i n ord e r t o provide the response. 

Please replace paragraph [0030] with the following: 

The procedure according to aspects of t he invention consistfl o fi ncludes performing the 

following operations. 

Please replace paragraph [0031] with the following: 

Prior to any communication and the launching of target application B, of: 

- creating and initializing (at 0) a variable of origin in the registers of application B intended 

to subsequently determine the origin of the incoming messages. 

-Upon creation of a window, of creating a new processing function similar to that created by 

default and of overloading this new processing function in ord e r t o determine the origin of the 

incoming messages. 
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Please replace paragraph [0035] with the following: 

The invention wasis described above as an example. It is understood that the export one 
skilled in the field coul d art can implement different variantsasgects of the invention without th e r e by 
going beyond the scope of the ^at ^invention as defined in the appended claims . 
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